GHSA-9p3r-hh9g-5cmg: openclaw Sandbox Escape (CRITICAL)
Plattform
nodejs
Komponente
openclaw
Behoben in
2026.3.31
GHSA-9p3r-hh9g-5cmg is a critical sandbox escape vulnerability in openclaw versions 2026.3.28 and earlier. The vulnerability is due to a TOCTOU (Time-of-Check Time-of-Use) race condition in the remote FS bridge readFile function. This allows attackers to bypass sandbox restrictions. Upgrade to version 2026.3.31 or later to resolve this issue.
So beheben
Kein offizieller Patch verfügbar. Prüfe auf Workarounds oder überwache auf Updates.
Häufig gestellte Fragen
What is GHSA-9p3r-hh9g-5cmg?
GHSA-9p3r-hh9g-5cmg is a critical sandbox escape vulnerability in openclaw caused by a TOCTOU race condition.
Am I affected by GHSA-9p3r-hh9g-5cmg?
You are affected if you are using openclaw version 2026.3.28 or earlier.
How do I fix GHSA-9p3r-hh9g-5cmg?
Upgrade to openclaw version 2026.3.31 or later.
Abhängigkeiten automatisch überwachen
Werde benachrichtigt, wenn neue Schwachstellen deine Projekte betreffen. Für immer kostenlos.
Kostenlos starten